[PATCH 0/3] Allow syscalls for openssl engines

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



This patchset allow syscalls (flock, ipc, getuid, geteuid and ioctl), so
openssl engines, e.g. OpenSSL-ibmca and OpenSSL-ibmpkcs11, can work and
communicate with the crypto cards during ssh login.

1. The flock and ipc are allowed only for s390 architecture. They are needed
for openCryptoki project (PKCS#11 implementation), as the ibmpkcs11 engine
makes use of openCryptoki.
For more information, please check here:
https://sourceforge.net/projects/opencryptoki/

2. getuid and geteuid are allowed to any architecture as this is also needed
by the distros. libica and other crypto libraries use those syscalls.

3. The ioctl is allowed when an specific argument is passed. This argument
is from EP11 crypto card on s390 architecture.
For more information check here:
http://elixir.free-electrons.com/linux/latest/source/arch/s390/include/uapi/asm/zcrypt.h#L259

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux